Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Mar 25, 2026
Reflected Cross Site Scripting (XSS) vulnerability in Support Board
CVE-2026-4816
Description
A Reflected Cross Site Scripting (XSS) vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the 'search' parameter in '/supportboard/include/articles.php'. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2=3.7.7+ 1 more
- (no CPE)range: =3.7.7
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.